|
Family: Ubuntu Local Security Checks --> Category: infos
USN278-1 : gdm vulnerabilitiy Vulnerability Scan
Vulnerability Scan Summary gdm vulnerabilitiy
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote package "gdm" is missing a security patch.
Description :
Marcus Meissner discovered a race condition in gdm's handling of the
~/.ICEauthority file permissions. A local attacker could exploit this
to become the owner of an arbitrary file in the system. When getting
control over automatically executed scripts (like cron jobs), the
attacker could eventually leverage this flaw to execute arbitrary
commands with root rights.
Solution :
Upgrade to :
- gdm-2.8.0.5-0ubuntu1.1 (Ubuntu 5.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|